Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo DHL THAILAND

Group: Devman

Discovered by ransomware.live: 2025-06-02

Estimated attack date: 2025-06-02

Country: TH

Description:

TBD

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 318

Compromised Users: 42657

Third Party Employee Credentials: 1306

External Attack Surface: 200

Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse key-systems.net
  • abusereport key-systems.net
  • domains deutschepost.de
  • info domain-contact.org
MX Records
  • dhl-com.fortimailcloud.com.
TXT Records
  • onetrust-domain-verification=86d6b6dd18a743d9a30cf4cb40017e84
  • v=spf1 include:dpdhl._spf.dhl.com include:3a._spf.dhl.com include:3b._spf.dhl.com include:3c._spf.dhl.com include:3d._spf.dhl.com include:3e._spf.dhl.com include:3f._spf.dhl.com include:mrsc._spf.dhl.com include:e2ma.net include:spf.mandrillapp.com ~all
  • amazonses:gtMOfHHBB2nwFoX+iXEWovWkRf66WFugJgKxjzCN9Rg=
  • canva-site-verification=pSVafjhp81FF9k6rmvEURQ
  • arcules-domain-verification=Qh8wnm0GIk400jkk9NGJgh2KbXpvE8p9WeQOmDQyvj7
  • globalsign-domain-verification=19687C8FBCD1F197336986DB4E8ECA09
  • pardot1024731=05ff64dc9fea2fd92da4238a7c431480cd48736d513a8dfdeebf552c939afcd0
  • asv=152ef1e97f6679653b3acef2ea507ed6
  • hm5bpdz3w772wpzb4xbw649h5dd7f6xs
  • _bfxkuvo2jgmnl5k1vb193uos01v04ln
  • google-site-verification=QsnKi52v6M1z-N3dtyxAopCglJmE4GiEipCLZJxna1Y
  • google-site-verification=LzdGGI-11pL_iZpOfZwEQ8GY7s9a9_oem8zgXoR0T3Q
  • atlassian-domain-verification=mmsERGyn2rlOT8eOe12PbNcvgZ4mxzeOq+e75gQbAYUO3cOhU4Fr7+UfTRKRzrfs
  • google-site-verification=HUVzQJOJmKyha5LCFbvFwjCDh5JMkC-85K5C-s44Lt0
  • remarkable-domain-verification=9b8d2b9f-2701-4479-807b-cae13ef0c39c
  • _ofcyzbnkdd4rq5y30wvqq5ihnri1sdl
  • sending_domain1024731=7b1368b64c62a7e74ebee33ffba6d1f1ea1a51f29564c1195a486733b0bc813f
  • dvv-domain-verification-qHbF2Dy8ZcA4-jzKhreXth090424
  • _b1h0c1q06fxhbdyht0n5avc2e4dpw4i
  • facebook-domain-verification=8vnu10tvn6novixz0fkg8ybx26kz1f
  • klaviyo-site-verification=Wsh5pc
  • canva-site-verification=qFReybt3RwHDPZqEdF-sOQ
  • cisco-ci-domain-verification=6f8bf0505ee35b0a464c20a0520dd8fd2da5bbfaa26ad53d20d6dc33cd536ab1
  • mongodb-site-verification=0Crz9iHBXaQyTii6NECBJXDlmyUup51q
  • docusign=6d733f59-f916-4426-9028-c800fc5e2ba1
  • nintex.625eb685a1608f0070bca981
  • google-site-verification=MKYejQl1Mh9fB5dwrsO9d6xADpVZellFYmDBs6uHvI4
  • _globalsign-domain-verification=AiWA74qQxgKPk70AM7-eNgpKKNe4nw0dGU-McytRuh
  • ms-domain-verification=5253e385-6b1f-4621-b0a0-090e374e40ea
  • adobe-idp-site-verification=00c0593e27f3b625df20796c2aea6a9d18005694df716a444a53ac7242f672a1
  • Dynatrace-site-verification=f913d8c2-f6d5-4265-9c7f-aae8784c0652__4u08f5qon49tv8mngsmruso1b0
  • atlassian-domain-verification=zCudhHQPIDjcXLKuYWm5QqU2aeaWx4Ccq7RcoJj1KtTXDqxaYKpdcqkH3PnT8C8f
  • Dynatrace-site-verification=8a64ad24-3b3a-4665-b8ac-0975fa5be9f6__a5mepuk85f2o7egbq5cmmlp8tu
  • atlassian-domain-verification=qbptEr3ApnuFdaarJIXPcni8gL6QhnXdWKywTF7obCDumx9zj4fifuTOdhhujRBu
  • smartsheet-site-validation=BwFwvtcb2t5Uqeanz8SefQ_4lIZvRQLd
  • dtm-domain-verification=vqD_-FMI3ideO3ftFt_BL1opD2y6LcbP2YJm7F27_nY
Cloud / SaaS Services Detected
Adobe Atlassian Amazon SES/WorkMail Salesforce Mandrill Cisco OneTrust DocuSign